Secure use of malloc function in SQLCipher?


#1

Hi zetetic community!

I have added SQLCipher to an iOS app, but after an Ethical Hacking Analysis, the use of potentially insecure functions was detected.

Specifically, several occurrences of the “malloc” function were found in the SQLCipher code, and the recommendation of our Security Analysis Department is to substitute the “malloc” function with more secure versions like “calloc”. If not, a deep analysis of the code is required to assure that the implementation of malloc is free of vulnerabilities.

We could try to modify SQLCipher on our own, but this solution would make it hard to maintain the code for future updates of the library. Can somebody who has analyzed this before help with this topic? Is the implementation of malloc secure in this case?

Thanks in advance

Javier González


#2

Hello @cadrilo, thanks for getting in touch about SQLCipher. malloc is used at various points in the SQLite codebase. However, for anything that SQLCipher is doing to allocate memory, the library calls sqlcipher_malloc(), which is a function that operates in a similar manner to calloc by allocating memory from the underlying SQLite memory subsystem and then zero-initializing it. Thus the resulting memory segment is sanitized just like it would be with calloc. Furthermore, it’s worth noting that SQLCipher also zeroes allocated memory before it is released as well. Let us know if you have any other questions.
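
The pattern described in the reply above (zero on allocation, zero again before release), sketched as an added example that is not part of the original post and is not SQLCipher's code. The names `zeroing_malloc`, `zeroing_free`, `zeroing_size` and `secure_wipe` are hypothetical, and libc `malloc` stands in for the SQLite memory subsystem.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical header placed in front of each block: it records the usable
   size so the free path knows how many bytes to wipe. The union keeps the
   caller's pointer suitably aligned for any type. */
typedef union { size_t size; max_align_t align; } zhdr;

/* Wipe through a volatile pointer so the compiler cannot discard the stores
   as dead writes just because free() follows. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* calloc-like behaviour: the caller never sees stale heap contents. */
void *zeroing_malloc(size_t n) {
    if (n > SIZE_MAX - sizeof(zhdr)) return NULL;  /* size overflow guard */
    zhdr *h = malloc(sizeof(zhdr) + n);
    if (h == NULL) return NULL;
    h->size = n;
    memset(h + 1, 0, n);
    return h + 1;
}

size_t zeroing_size(const void *p) {
    return p ? ((const zhdr *)p - 1)->size : 0;
}

/* Wipe the payload before handing the block back to the allocator, so key
   material does not linger in freed heap memory. */
void zeroing_free(void *p) {
    if (p == NULL) return;
    zhdr *h = (zhdr *)p - 1;
    secure_wipe(p, h->size);
    free(h);
}

int main(void) {
    unsigned char *key = zeroing_malloc(32);       /* constructed sample use */
    if (key == NULL) return 1;
    memset(key, 0xAA, 32);                         /* pretend key material */
    printf("block of %zu bytes in use\n", zeroing_size(key));
    zeroing_free(key);                             /* wiped, then released */
    return 0;
}
```

A plain `memset` immediately before `free` can be optimized away as a dead store, which is why the wipe goes through a volatile pointer here.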


#3

Hello @sjlombardo, this info is just what I needed.

Thanks